- Wireshark 2.2.8 (bsc#1049255):

This release fixes minor vulnerabilities that could be used to
  trigger dissector crashes, infinite loopsm or cause excessive use
  of memory resources by making Wireshark read specially crafted
  packages from the network or a capture file:
  * CVE-2017-7702 CVE-2017-11410: WBMXL dissector infinite loop
    (wnpa-sec-2017-13)
  * CVE-2017-9350 CVE-2017-11411: openSAFETY dissector memory
    exhaustion (wnpa-sec-2017-28)
  * CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34)
  * CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35)
  * CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36)

OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=218
This commit is contained in:
Andreas Stieger 2017-07-18 21:45:56 +00:00 committed by Git OBS Bridge
parent ecdedd15b2
commit e8aaeac1ab
6 changed files with 68 additions and 52 deletions

View File

@ -1,48 +0,0 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.2.7.tar.bz2: 32309420 bytes
SHA256(wireshark-2.2.7.tar.bz2)=689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5
RIPEMD160(wireshark-2.2.7.tar.bz2)=baf598f495c04f3709cb02c9046b8176f5f5c72e
SHA1(wireshark-2.2.7.tar.bz2)=2bb1cdf56a93fb22a66e8179214b587c71f06c9e
MD5(wireshark-2.2.7.tar.bz2)=a4d880554c7f925dafef60fa313b580d
Wireshark-win64-2.2.7.exe: 49400720 bytes
SHA256(Wireshark-win64-2.2.7.exe)=cc8e6feff1e72d1baaafb277e33c9137a76a5edeca629fe4c764070a0719df50
RIPEMD160(Wireshark-win64-2.2.7.exe)=e1b5395752ff672593bb02e02c9d43b969a6d136
SHA1(Wireshark-win64-2.2.7.exe)=bb9f0c2f8448069e8ef33302e3e8a5182a066788
MD5(Wireshark-win64-2.2.7.exe)=30570a7b54c17da897cf155e35a2f44a
Wireshark-win32-2.2.7.exe: 44550128 bytes
SHA256(Wireshark-win32-2.2.7.exe)=6f5ef2ed9aed62f3613f66b960f50663cfb4ec4b59c9fe1fa11ff08137c8a0c0
RIPEMD160(Wireshark-win32-2.2.7.exe)=14aa5ae001272ac7ce1eea2d166f02b89a1de76c
SHA1(Wireshark-win32-2.2.7.exe)=1c778e2885fbf0668f75567841d0b00c73b9c7d6
MD5(Wireshark-win32-2.2.7.exe)=ab254d59f70aec9178aeb8a76a24de50
WiresharkPortable_2.2.7.paf.exe: 46147736 bytes
SHA256(WiresharkPortable_2.2.7.paf.exe)=3fc82830a4d2b0d620ef37c1fd406d99e5cad7ff2c831b1d284f5e87282ae2c1
RIPEMD160(WiresharkPortable_2.2.7.paf.exe)=2d699d1fe6d1bd2e30000cff21837d17d069725f
SHA1(WiresharkPortable_2.2.7.paf.exe)=5cc73524dfc49780ce22f8dfe4d74876c2f9eb5a
MD5(WiresharkPortable_2.2.7.paf.exe)=d05d04a6ce82a7253949d45cc5fb6186
Wireshark 2.2.7 Intel 64.dmg: 32873230 bytes
SHA256(Wireshark 2.2.7 Intel 64.dmg)=6d46e7270fc6b661ece24c0fcaf56c7e4ce4f65501ef055ea46c6cfdf95c6dcb
RIPEMD160(Wireshark 2.2.7 Intel 64.dmg)=7b1ab739f9dc24c03b9b825a8533e0e891ee822f
SHA1(Wireshark 2.2.7 Intel 64.dmg)=50fa591d6fb0d4f59a5c2c9c12c1f114522f8377
MD5(Wireshark 2.2.7 Intel 64.dmg)=2814af6a4f0c851e1d44213d96428919
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlkwdzIACgkQgiRKeOb+
ruqeLw//XkRVualJQ8H5drJUSDQwxDwGwona4R20Bh1EETMeCW+g+IFEx2Me1qcj
460oEZ7JshsUYI2rGeqJSoK3xPLWLsNwdaMrV3hJOT5WiglJq/OZ6XUUrAsWZ25B
+pzYK95SCl3OWeNOpVvj7BKmI8GljzE6MkItSwHeK4+GC4R144UxGBtOjm6iiQHV
stIbec6+lqGYjAAq9V/I+ukYuOoFomlXZcRIMl1/RBB3L8Y2R+xiu+vEUBSNuNgV
IfgBej3ydzHvZpidOMQMGTpiffZ/BMhh/NRvTwv18MHAn60tuyJ3EoQpUMWVOxTR
AZ5dADVvu7ojtCnx5M5rsOdNRq1eW2gHUClVlYYJWWjJ+FD9yu0tyOjsJXkuJHfa
ayrsDATBYFjX3xVEszeUiNj4uYdKt055wa0W6Ra7uvkKH6YrVViROh3WyYVHKofz
JthcSkoqLFZvqkTq01viDcmk3GvNrkxBB5ziCgT4hzHFPh+JQld6GgD9LbUajydR
BOnmKVJlBaozCSJhKd7dIg+dnJeQG8GBEU2rviWqQsYovRl9YOMGa9vmeZApTa5y
WwTbI7OFitfVAgPuLymWActbEBREJfKx5A3RDV/HSgO1UjXs/FEOzbj2RSOT14T5
+tliAL+bMbnLzBDdGKzCDb9Aq/6bgzYfzJFjvF4raopGYsLccqk=
=KpEA
-----END PGP SIGNATURE-----

48
SIGNATURES-2.2.8.txt Normal file
View File

@ -0,0 +1,48 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
wireshark-2.2.8.tar.bz2: 32331209 bytes
SHA256(wireshark-2.2.8.tar.bz2)=ecf02c148c9ab6e809026ad5743fe9be1739a9840ef6fece6837a7ddfbdf7edc
RIPEMD160(wireshark-2.2.8.tar.bz2)=58b46222b2a5cea2923c82f4eff95ad04b702f1a
SHA1(wireshark-2.2.8.tar.bz2)=605d4323e9ac0122eca47a5c17ec14daf34b1ea1
MD5(wireshark-2.2.8.tar.bz2)=bb81d0ecf3a8ed46bedfaeae6fd318a8
Wireshark-win32-2.2.8.exe: 44569240 bytes
SHA256(Wireshark-win32-2.2.8.exe)=7bfd50b9bbeeba6cc55c8f660e9e44c643791ee306227584299b560843f1564c
RIPEMD160(Wireshark-win32-2.2.8.exe)=5862ef866c657cedca6ee587a9e87387fd1bac8f
SHA1(Wireshark-win32-2.2.8.exe)=6c86be620ef189b5f1637b2c9f6bd576fee9894f
MD5(Wireshark-win32-2.2.8.exe)=65e04d901c65d704ab936d0f9ecfb0e2
Wireshark-win64-2.2.8.exe: 49409656 bytes
SHA256(Wireshark-win64-2.2.8.exe)=caa8e6b1a69964594cfc5d4ebd16255a8ba80f54044c0d9c9352a798bde2bc89
RIPEMD160(Wireshark-win64-2.2.8.exe)=9fd69129d4bd1a1c3b08396100eb000e109fd32b
SHA1(Wireshark-win64-2.2.8.exe)=23e3b2d6d917d60c106c9a52f1d603be7cef3e82
MD5(Wireshark-win64-2.2.8.exe)=60d00d0e82eacf9bad6cabf052356e3d
WiresharkPortable_2.2.8.paf.exe: 46164528 bytes
SHA256(WiresharkPortable_2.2.8.paf.exe)=510f9e1105e145739ee1cebfcad4ad8ab20d3336623ce807b3dd8d925dbebf8c
RIPEMD160(WiresharkPortable_2.2.8.paf.exe)=f9a4fc82a59c60b1d616c5df6515d553d1d2157a
SHA1(WiresharkPortable_2.2.8.paf.exe)=64bc24c167998323212abb8330ea1ab52de6122c
MD5(WiresharkPortable_2.2.8.paf.exe)=72c677725c9e218450dc2a63db5e11ba
Wireshark 2.2.8 Intel 64.dmg: 33444845 bytes
SHA256(Wireshark 2.2.8 Intel 64.dmg)=efc681a6ef2bb52e76e15853c5d1b143078c548951d256283a53cc61c894d77f
RIPEMD160(Wireshark 2.2.8 Intel 64.dmg)=c64e6ce2ce586a3ccdd179e265d1469a43b7883d
SHA1(Wireshark 2.2.8 Intel 64.dmg)=b066c7bf1c90b3287ab1ced3ea3e430e6e7c94d4
MD5(Wireshark 2.2.8 Intel 64.dmg)=3aca252edf8518be821ab100b8efdd0d
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEWlrbp9vqbD+HIk8ZgiRKeOb+ruoFAlluTowACgkQgiRKeOb+
rupG1A/+Jth6yo6f7DJLTsk6s/pSFxYOe32PDROBj7IxQ5FM3OQZ4ILcX3MoFdba
sY/v9+GyLvXg9O/mPywGsD6SHPkyScHi891uvALuw6k7oy6/0V7dLvQVvaPo+nHb
S+SIgbUWsztSgj4PARiSCr8QLbmHpZ8d1EwAecDBrLaPGMsANWToHASu+rRKtjGe
MDyxPRj6GLwoAIkb6B2PKfuL3FjJA+YAbI/AMlHKIQBuqV/Zlbxkpgy76eHH7NKe
SKLWW1hgnyC4/DIxfPUz3WwHAnt2MgdGjljVCZnUVi6HBmFtbChwNP9VuVXh/b6C
cIIMu0TehXrRvSFytDwvYGJDzlaYuasNIiAVKBtQtJA4VGE4cewN6mZBux0o1eCJ
0H5fUIVZFEY5OaaDywYl2K8p+v5Nf0K2b/lIqZIwCeMFoywrSMtH6PUb+jmziBg4
6umoPJQO03t8R/DS4e1UQnY9vVzMFNBhjH5/WzGI3qv6fuGnfaZrcAzhvJlFsr39
m9DtPej0i7aA3YvSfVDG25/4sSoJocvZT3wsoMv9xMo+XUZHzraG+VSZylsE71DR
CJF5KFGIfugraHDxIlvxtRTSkkXe5hdC7nW+qBw1OL+5vLt5sUIHXDeYz2uLUIPf
VSAZSNzZlUODd7X55jgDlQegfntUiUh31hs5urD1zM3eNfjJKdw=
=5kXd
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:689ddf62221b152779d8846ab5b2063cc7fd41ec1a9f04eefab09b5d5486dbb5
size 32309420

3
wireshark-2.2.8.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ecf02c148c9ab6e809026ad5743fe9be1739a9840ef6fece6837a7ddfbdf7edc
size 32331209

View File

@ -1,3 +1,19 @@
-------------------------------------------------------------------
Tue Jul 18 21:29:37 UTC 2017 - astieger@suse.com
- Wireshark 2.2.8 (bsc#1049255):
This release fixes minor vulnerabilities that could be used to
trigger dissector crashes, infinite loopsm or cause excessive use
of memory resources by making Wireshark read specially crafted
packages from the network or a capture file:
* CVE-2017-7702 CVE-2017-11410: WBMXL dissector infinite loop
(wnpa-sec-2017-13)
* CVE-2017-9350 CVE-2017-11411: openSAFETY dissector memory
exhaustion (wnpa-sec-2017-28)
* CVE-2017-11408: AMQP dissector crash (wnpa-sec-2017-34)
* CVE-2017-11407: MQ dissector crash (wnpa-sec-2017-35)
* CVE-2017-11406: DOCSIS infinite loop (wnpa-sec-2017-36)
-------------------------------------------------------------------
Fri Jun 2 09:21:15 UTC 2017 - astieger@suse.com

View File

@ -36,7 +36,7 @@
%bcond_with geoip
%endif
Name: wireshark
Version: 2.2.7
Version: 2.2.8
Release: 0
Summary: A Network Traffic Analyser
License: GPL-2.0+ and GPL-3.0+